<?php
/*
Cogumelo v0.1 - Map-Experience
Copyright (C) 2008 Innoto Gestión para el Desarrollo Social S.L. <mapinfo@map-experience.com>

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
USA.
*/

header("Content-Type: application/json"); //return only JSON data
require_once("Classes/Controllers/Data/UseradminController.inc");
require_once("Classes/Controllers/Session/UserAdminSessionController.inc");
require_once("Classes/Controllers/Access/UserAdminAccessController.inc");
include("Classes/Utils/FormProc.inc");

///
///	Action change password admin
///

// VALIDATION FOR CHANGE
$formvalidator = new FormProc('changepassword',  'Rellena los campos señalados como erroneos' );

$formvalidator->addInput('currentpass', false,$postData['currentpass'], 'PASSWD' , true, 12  );
$formvalidator->addInput('newpass1', false,$postData['newpass1'], 'PASSWD' , true, 12  );
$formvalidator->addInput('newpass2', false,$postData['newpass2'], 'PASSWD' , true, 12  );

$formvalidator->validate();

$accesssessioncontrol = new UserAdminSessionController();
$dateVO = $accesssessioncontrol->getUser();

//PASSWORD ACTUAL
if($dateVO)
{
	if(SHA1($postData['currentpass']) != $dateVO->getPasswd())
			$formvalidator->addError('currentpass', '(La contraseña actual introducida no es correcta)');
}

// PASSWORD CHECK
if ($postData['newpass1'] != $postData['newpass2'])
{
	$formvalidator->addError('newpass1', '(Las nuevas contraseñas deben coincidir)');
	$formvalidator->addError('newpass2', '');
}

// CHECK CHANGE PASSWORD

$id = $dateVO->getId();

if($id)
{
	if($postData['newpass1'] != "")
	{
		if($dateVO->getPasswd() == SHA1($postData['newpass1']))
		{
		$formvalidator->addError('newpass1', '(La nueva contraseña no puede ser la misma que la actual)');
		$formvalidator->addError('newpass2', '');
		}else{
			if($dateVO->getOldpassword1() && !$dateVO->getOldpassword2())
			{
				if($dateVO->getOldpassword1() == SHA1($postData['newpass1']))
				{
						$formvalidator->addError('newpass1', '(La nueva contraseña no puede ser la misma que las dos ultimas anteriores)');
						$formvalidator->addError('newpass2', '');
				}
				
			}
			if($dateVO->getOldpassword1() && $dateVO->getOldpassword2())
			{
				if($dateVO->getOldpassword1() == SHA1($postData['newpass1']) || $dateVO->getOldpassword2() == SHA1($postData['newpass2']))
				{
						$formvalidator->addError('newpass1', '(La nueva contraseña no puede ser la misma que las dos ultimas anteriores)');
						$formvalidator->addError('newpass2', '');
				}				
			}
		}		
	}	
}

//
// PAGE RESULT
//

// ERROR CONTROL
if(!$formvalidator->haveErrors())
{
		$useradmincontrol = new UseradminController();
		if($dateVO){
				$newupdateadmin['useradmin_id'] = $dateVO->getId();
				$newupdateadmin['useradmin_oldpassword1'] = $dateVO->getPasswd();
				$newupdateadmin['useradmin_oldpassword2'] = $dateVO->getOldpassword1();
				$newupdateadmin['useradmin_oldpassword3'] = $dateVO->getOldpassword2();	
				$newupdateadmin['useradmin_passwd'] = $postData['newpass1'];
				$newupdateadmin['useradmin_time_lastchangepasswd'] = date("YmdHis", time());
				//Ahora actualizamos
				$useradmincontrol->UpdatePasswd($newupdateadmin);
		}
		$accesscontrol = new UserAdminAccessController();
		$accesscontrol->Logout();
}
die( json_encode( $formvalidator->dumpErrors() ));
?>